Which solution should this customer use?

Professional Cloud Security Engineer V3 0 Comments

A customer needs to prevent attackers from hijacking their domain/IP and redirecting users to a malicious site through a man-in-the-middle attack.

Which solution should this customer use?
A . VPC Flow Logs
B . Cloud Armor
C . DNS Security Extensions
D . Cloud Identity-Aware Proxy

Answer: C

Explanation:

Reference: https://cloud.google.com/blog/products/gcp/dnssec-now-available-in-cloud-dns

DNSSEC ― use a DNS registrar that supports DNSSEC, and enable it. DNSSEC digitally signs DNS communication, making it more difficult (but not impossible) for hackers to intercept and spoof. Domain Name System Security Extensions (DNSSEC) adds security to the Domain Name System (DNS) protocol by enabling DNS responses to be validated. Having a trustworthy Domain Name System (DNS) that translates a domain name like www.example.com into its associated IP address is an increasingly important building block of today’s web-based applications. Attackers can hijack this process of domain/IP lookup and redirect users to a malicious site through DNS hijacking and man-in-the-middle attacks. DNSSEC helps mitigate the risk of such attacks by cryptographically signing DNS records. As a result, it prevents attackers from issuing fake DNS responses that may misdirect browsers to nefarious websites. https://cloud.google.com/blog/products/gcp/dnssec-now-available-in-cloud-dns

Latest Professional Cloud Security Engineer Dumps Valid Version with 93 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download Professional Cloud Security Engineer PDF     Professional Cloud Security Engineer Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments